General
Target: file.exe
Size: 274KB
Sample: 221118-rnzwjadd9s
MD5: 39e947318bd7c04280e9266f4b6c0a35
SHA1: 1568c064c8aa24f17549fbbff895fc7eae574dcd
SHA256: ce3c6cc7e3d80c26246bb01b910992d8c77b1c3f30ec28b79346f15224a3c746
SHA512: 05361abdf59148b763bb5705587a01d8309a5db3b6a8006b70793459af8e48db8c801d41917af9d96e2b74f154a58822d24c4f7585a84f2c5ec43d2f39fb1db2
SSDEEP: 6144:/nEyS75sX+u7KlvKBPCJhKoRRfE87Ea6M:/Q2+umgEhdjfRM
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en
Malware Config
Extracted
vidar
55.7
1827
https://t.me/deadftx
https://www.ultimate-guitar.com/u/smbfupkuhrgc1
profile_id: 1827
Targets
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.